New Security Bulletins for September

  • Article

This just came across my desk.

The purpose of this alert is to provide you with a summary of the Microsoft September 26 2006 Security Bulletin release.

New Security Bulletins for September 26 2006

Microsoft is releasing the following security bulletins for newly discovered vulnerabilities:

MAXIMUM SEVERITY

BULLETIN NUMBER

PRODUCTS AFFECTED

IMPACT

Critical

MS06-055

Windows XP SP1/SP2/X64, Windows 2003/SP1/SP1 for Itanium/2003 for x64

Remote Code Execution

The summary for this bulletin can be found at the following page:

https://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx

Re-released Security Bulletins

In addition, Microsoft is re-releasing the following security bulletins

(NOTE: This list conains ONLY those products affected by the re-release and the severity of the vulnerability for those products affected by the re-release)

 

MAXIMUM SEVERITY RATING

BULLETIN NUMBER

PRODUCTS AFFECTED (re-release only)

IMPACT

Important

MS06-049

Windows 2000 SP4

Elevation of Privilege

Information on these re-released bulletins may be found at the following pages:

https://www.microsoft.com/technet/security/Bulletin/MS06-049.mspx

Customers are advised to review the information in the bulletins, test and deploy the updates immediately in their environments, if applicable.

TechNet Webcast: Information about Microsoft's 26 September 2006 Security Bulletins (Level 100)

Wednesday, September 27, 2006 11:00 AM (GMT-08:00) Pacific Time (US & Canada)

 https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032311209&Culture=en-US

================================================

Security Bulletin Details

================================================

MS06-055

Title: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)

Affected Software:

  • Microsoft Windows XP Service Pack 1
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
  • Microsoft Windows Server 2003 x64 Edition

Affected Components:

  • Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
  • Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Restart required: Maybe, if the file is in use. See KB Article 887012 at https://support.microsoft.com/kb/887012

Update can be uninstalled: Yes, Add or Remove Programs

More information on this vulnerability is available at: https://www.microsoft.com/technet/security/Bulletin/MS06-055.mspx

**********************************************************************

Re-Release Information:

MS06-049

Title: Vulnerability in Windows Kernel Could Result in Elevation of Privilege (920958)

Affected Software (re-release only):

  • Microsoft Windows 2000 Service Pack 4

Impact of Vulnerability: Elevation of Privilege

Maximum Severity Rating: Important

Reason for Re-release:

The update has been revised and re-released for Microsoft Windows 2000 Service Pack 4 to address issues identified in Microsoft Knowledge Base Article 920958.

More information on this re-released bulletin is available at: https://www.microsoft.com/technet/security/bulletin/MS06-049.mspx

Cheers, Jeffa